On Tue, Dec 17, 2013 at 10:22:19AM -0800, Jarno Rajahalme wrote: > Commit da546e0 (dpif: Allow execute to modify the packet.) uninitializes > the "dpif_upcall.packet" of "struct upcall" when dpif_recv() returns error. > The packet ofpbuf is likely uninitialized in this case, hence calling > ofpbuf_uninit() on it will likely cause a SEGFAULT. > > This commit fixes this bug by only uninitializing packet's ofpbuf on > successfully received upcalls. > > A note warning about this is added on the comment of dpif_recv() in > dpif-provider.h. > > Reported-by: Alex Wang <al...@nicira.com> > Signed-off-by: Jarno Rajahalme <jrajaha...@nicira.com>
I'd add a similar comment on dpif_recv() also. Acked-by: Ben Pfaff <b...@nicira.com> (Another approach would be to make dpif_recv() initialize the buffer on error return.) _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
